-rwxr-xr-xshare/hydractl/puppet-finger47
1 files changed, 47 insertions, 0 deletions
diff --git a/share/hydractl/puppet-finger b/share/hydractl/puppet-finger
new file mode 100755
index 0000000..ff935de
--- /dev/null
+++ b/share/hydractl/puppet-finger
@@ -0,0 +1,47 @@
+#!/bin/bash
+#
+# Check puppet fingerprints, hydractl perspective.
+#
+
+# Load
+source $APP_BASE/lib/hydra/functions || exit 1
+hydra_config_load
+
+# Command line arguments
+BASENAME="`basename $0`"
+
+# Execute openssl
+function puppet_openssl {
+ if [ -z "$1" ]; then
+ return
+ fi
+
+ openssl x509 -text -noout -fingerprint -in $1 | grep "^SHA1 Fingerprint="
+}
+
+# Master:
+#
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/ca/signed/fqdn.pem
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/certs/ca.pem
+#
+if [ -d "/var/lib/puppetmaster/ssl/" ]; then
+ for file in `ls /var/lib/puppetmaster/ssl/ca/signed/*pem`; do
+ fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$file`"
+ echo "`basename $file .pem`: $fp"
+ done
+
+ echo "ca: `puppet_openssl /var/lib/puppetmaster/ssl/certs/ca.pem`"
+fi
+
+# Node:
+#
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/fqdn.pem
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/ca.pem
+#
+if [ -d "/var/lib/puppet/ssl/" ]; then
+ fqdn="`facter fqdn`"
+ fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$fqdn.pem`"
+ echo "$fqdn: $fp"
+
+ echo "ca: `puppet_openssl /var/lib/puppet/ssl/certs/ca.pem`"
+fi
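Review bot: Both fingerprint lookups read the wrong path, so the output cannot be used to compare a node's certificate against the master's signed copy. In the master loop, `ls /var/lib/puppetmaster/ssl/ca/signed/*pem` already yields full paths and the next line prefixes the directory again, so openssl cannot open the file and `fp` is empty for every signed certificate; iterate the glob directly with `for file in /var/lib/puppetmaster/ssl/ca/signed/*.pem; do` and call `fp="$(puppet_openssl "$file")"`. In the node branch the call opens `/var/lib/puppetmaster/ssl/ca/signed/$fqdn.pem`, although the comment above it names `/var/lib/puppet/ssl/certs/fqdn.pem`; it should be `fp="$(puppet_openssl "/var/lib/puppet/ssl/certs/$fqdn.pem")"`. Because an empty fingerprint is still echoed as `name: `, a failed read looks like an ordinary result line; quoting `$1` inside puppet_openssl and printing an explicit error when openssl returns non-zero would make a missing or unreadable certificate visible to whoever is verifying the fingerprints.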